X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=98e6ece24397fa823daa4e33d8f2cf33b2b4ac52;hb=be1446f5d0e8831b60ea473a5b7b9ba40f18986e;hp=601a32584a7abfa1afef0b5e03a7bfbffcfd7245;hpb=68e3efe34980cc82ffc143fc33d3c11b69ec8e2b;p=tinc diff --git a/src/net_setup.c b/src/net_setup.c index 601a3258..98e6ece2 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -86,10 +86,8 @@ bool node_read_ecdsa_public_key(node_t *n) { fp = fopen(pubname, "r"); - if(!fp) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s", pubname, strerror(errno)); + if(!fp) goto exit; - } n->ecdsa = ecdsa_read_pem_public_key(fp); fclose(fp); @@ -633,6 +631,8 @@ bool setup_myself_reloadable(void) { keylifetime = 3600; get_config_int(lookup_config(config_tree, "AutoConnect"), &autoconnect); + if(autoconnect < 0) + autoconnect = 0; get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers); @@ -647,6 +647,7 @@ bool setup_myself_reloadable(void) { static bool setup_myself(void) { char *name, *hostname, *cipher, *digest, *type; char *address = NULL; + bool port_specified = false; if(!(name = get_name())) { logger(DEBUG_ALWAYS, LOG_ERR, "Name for tinc daemon required!"); @@ -661,9 +662,8 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Port"), &myport)) myport = xstrdup("655"); - - xasprintf(&myself->hostname, "MYSELF port %s", myport); - myself->connection->hostname = xstrdup(myself->hostname); + else + port_specified = true; myself->connection->options = 0; myself->connection->protocol_major = PROT_MAJOR; @@ -671,14 +671,19 @@ static bool setup_myself(void) { myself->options |= PROT_MINOR << 24; - get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental); - - if(experimental && !read_ecdsa_private_key()) - return false; + if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) { + experimental = read_ecdsa_private_key(); + logger(DEBUG_ALWAYS, LOG_WARNING, "Support for SPTPS disabled."); + } else { + if(experimental && !read_ecdsa_private_key()) + return false; + } if(!read_rsa_private_key()) return false; + /* Ensure myport is numeric */ + if(!atoi(myport)) { struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM); sockaddr_t sa; @@ -745,7 +750,9 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher)) cipher = xstrdup("blowfish"); - if(!(myself->incipher = cipher_open_by_name(cipher))) { + if(!strcasecmp(cipher, "none")) { + myself->incipher = NULL; + } else if(!(myself->incipher = cipher_open_by_name(cipher))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized cipher type!"); return false; } @@ -767,7 +774,9 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Digest"), &digest)) digest = xstrdup("sha1"); - if(!(myself->indigest = digest_open_by_name(digest, maclength))) { + if(!strcasecmp(digest, "none")) { + myself->indigest = NULL; + } else if(!(myself->indigest = digest_open_by_name(digest, maclength))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized digest type!"); return false; } @@ -947,6 +956,24 @@ static bool setup_myself(void) { return false; } + /* If no Port option was specified, set myport to the port used by the first listening socket. */ + + if(!port_specified) { + sockaddr_t sa; + socklen_t salen = sizeof sa; + if(!getsockname(listen_socket[0].udp.fd, &sa.sa, &salen)) { + free(myport); + sockaddr2str(&sa, NULL, &myport); + if(!myport) + myport = xstrdup("655"); + } + } + + xasprintf(&myself->hostname, "MYSELF port %s", myport); + myself->connection->hostname = xstrdup(myself->hostname); + + /* Done. */ + last_config_check = now.tv_sec; return true;